MiSec Jackson Meetup July 12th 2016

Title: Defense in Depth

Defense in Depth: We all have heard some security professionals describe defense-in-depth as “dead.” This could not be farther from the truth. The truth of the matter is that the art and science of defense-in-depth should be expanded in many organizations. We’ll also discuss the concept of Defense in Depth and introduce you to the Sliding Scale of Cyber Security.

Speakers: Don Warnecke and Mattew France

Tuesday, July 12th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

Misec Southfield Meetup June 16th

We have OWASP at #misec Southfield this month!

James Green will be presenting Web app testing – Don’t burp on your browser.

This talk will cover the basics of security controls that need to be in place to keep web applications secure. The idea is to improve your app or learn how to misuse other ones.

Thursday, June 16th, at 7 pm
One Towne Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Jackson Meetup June 14th 2016

This month we will be having a round of lightning talks!

Speaker and  Topics Below!

Samuel Bradstreet – WiFi Revolution
Luke Gorczyca – Botnets
James Green – 5 Hacks in 15 Minutes
Jim Beechey – The Kill Chain
Sam Wrona – Binary and Subnetting: The Dying Talent
Benjamin Carroll – Netlab: The Final Frontier
Daniel Ebbutt – Adventures in GDB

If you want to sign up for a lightning talk (a quick 10 minute talk) or I forgot to add you, let me know via twitter @chaoticflaws

Tuesday, June 14th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

#misec Path to the Dark Side – Coming up in InfoSec panel May 21st 2016

Welcome to our first joint #misec Jackson & Southfield event (and panel) of the year!

With local leaders from the worlds of private industry, consulting, and education – we will discuss topics ranging from making the transition to InfoSec to finding your path forward once you’ve made the leap. After lunch, we will open the panel to discussions with the audience in an InfoSec community event you won’t want to miss.

Featuring panelists Wolfgang Goerlich (@jwgoerlich), Jim Beechey (@jim_beechey) and more!

Get your tickets >>>>> here <<<<< (they’re free!)

10:00 AM Event Kickoff
10:30 AM Meet & Greet
11:00 AM Panel 1st half – Questions/Topics
12:00 PM Lunch Break
1:00 PM Panel 2nd half – Wrap-up and audience discussion
2:00 PM Closing Comments

At no additional cost, we are happy to announce a free raffle with such prizes as:

Self-driven beginner’s Pentesting, Wi-fi, Windows Exploit, and Ethical Hacking training – everything you need to get started testing your lab/training network hands-on!

The Red Team Field Manual

Raspberry Pi 2.0

A Remote Control Flying Drone

You are entered to win simply by grabbing a free ticket!

See you there!

-@chaoticflaws, @vajkat, @ZenM0de

MiSec Southfield Meetup May 12th 2016

Lightning Talk: Jayson Brown is presenting: Offensive Security: Stuff you wish you could un-see and how to handle it professionally…

For our main speaker, we are excited to have J. Wolfgang Goerlich presenting: Food Fight: Analyzing the Food Supply


J. Wolfgang Goerlich is an influential leader and IT management executive with the ability to act as a cultural change agent, driving security initiatives and raising security postures. He currently works as the Director of Security Strategy for Creative Breakthroughs Inc (CBI) and has been in the industry for over 20 years. Areas of expertise include managing culture, ITGRC, security community and mentorship, application security and team leadership.

Please note: if you hadn’t heard it yet, below is the address of our new venue

Thursday, May 12th, at 7 pm
One Towne Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Southfield Meetup April 14th 2016

We will kick things off this April with a lightning talk from Khalid Abutayeb presenting: A Red Teamers Lunch Box – Raspberry PIE Included

For our main speaker, we are excited to have our very own Mark Stanislav presenting: Hide Yo’ Kids: Hacking Your Family’s Connected Things

This presentation will cover security research on Internet-connected devices targeting usage by, or for, children. Mark will discuss the vulnerabilities he found during this research, including account takeovers, device hijacking, backdoor credentials, unauthorized file downloading, and dangerously out-of-date protocols & software. Devices discussed will include Internet-connected baby monitors, a GPS-enabled platform to track children, and even a Wi-Fi & Bluetooth-connected stuffed animal. Details about mobile reverse engineering, hardware hacking, network traffic analysis, and other research techniques will be presented to help others learn about methods to perform their own research.

Curious about how well your privacy and safety are being taken care of by IoT vendors? Interested in IoT security research and want to understand what flaws are being found in devices today? Skip the hype-only stunt hacking and come hear Mark discuss real-world examples of issues that actively threatened the privacy and safety of the families using connected devices. After all, if it ‘takes a village to raise a child’ it’s going to take a lot of hackers to secure them in the Internet of Things.

Mark Stanislav is the Manager of Security Advisory Services at Rapid7. Mark has spoken internationally at over 100 events including RSA, DEF CON, SOURCE Boston, Codegate, SecTor, and THOTCON. Mark’s security research and initiatives have been featured by news outlets such as the Wall Street Journal, The Associated Press, CNET, Good Morning America, and Forbes. Mark is the co-founder of the Internet of Things security research initiative, BuildItSecure.ly. He is also the author of a book titled, “Two-Factor Authentication”.

Mark earned his Bachelor of Science Degree in Networking & IT Administration and his Master of Science Degree in Technology Studies, focused on Information Assurance, both from Eastern Michigan University. During his time at EMU, Mark built the curriculum for two courses focused on Linux administration and taught as an Adjunct Lecturer for two years. Mark holds CISSP, Security+, Linux+, and CCSK certifications.

Please note: if you hadn’t heard it yet, below is the address of our new venue


Thursday, April 14th, at 7 pm
One Town Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Jackson Meetup April 12th 2016

Title: My experience with Cybati at Defcon
Speaker: Kate Vajda

Talk Summary:
We have Kate giving a talk on her experience trying to win hardware in the Defcon ICS village. She will be chatting about some of the tools she discovered and how she figured out how to utilize the Cybati framework.

Bio: Kate Vajda is a long time computer enthusiast.

Tuesday, April 12th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

MiSec Southfield Meetup March 10th

For our first OWASP of the year, this month Josh Little is presenting Walk the Line: Breaking Access Control Models

In this talk, professional pentester Josh Little will discuss common features of web application access control models and strategies for performing manual verification of their effectiveness. He may also actually say something funny, so if you’re not into access control models, at least come for that. If you’re not into the whole brevity thing, you’ve come to the right place.

Josh is a 17-year IT, development, and security professional and currently leads the testing practice at VioPoint.

Lightening talk:
John T Chihan Jr. is presenting Device Interaction Evolution

This talk will be on how our interactions between our devices has evolved and what communication between us and our devices will look like in the near future.

This is our first month at the new #misec Southfield venue:
Thursday, March 10th at 7 PM
26100 Northwestern Highway
Suite 700
Southfield, Michigan, 48076

MiSec Jackson Meetup March 8th 2016

Title: Better life through Models


Models play a major role in our lives – we start using them as an infant to understand everything from motor skills to social constructs, and continue using them throughout our lives as we develop. We will look at the impact models can have on skills development, security program development, and even dealing with/planning for/analyzing specific threat scenarios. To do this we’ll dive into the good and bad of various models at work in the industry today, have a few laughs, and discuss the characteristics that make said models valuable from different angles.



Steven D. Legg (@ZenM0de) is a Security Strategy Consultant for eSentire. Bringing more than 16 years of experience with everything from designing nationwide multimedia distribution networks to directing teams and building businesses, Steven now spends his time assessing, coaching, and building frameworks. Steven is also a developer for the PoshSec project, host of #misec Southfield, and father to an awesome daughter.


Tuesday, March 8th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

MiSec Southfield Meetup February 11th – Cancelled

#misec Southfield will not be meeting this month as we prepare our new venue for March’s meetup.


Stay tuned for address/info!

Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.